Updating as needed - Please check back . . .
Security guidance related to COVID-19 (Novel Coronavirus) pandemic that will help you protect yourself, the University, its members, and its data in a changing cybersecurity threat landscape. We suggest you review this information carefully to learn how to protect vital assets, data, and identities. Be sure to return often to review updates, as this situation changes rapidly.
There are a growing number of ways the bad guys are trying to convince you to respond. There are spear phishing attempts via email (click here to see an example) and via email and text messages (click here to see an example). With any email or text you get, verify the information independently. Do NOT reply to the email or call phone numbers in the email. Contacting the sender using the email or phone number you have for them or the number you have or look up for the institution, bank, government office, etc. Click here for tips for avoiding being a gift card scam victim.
If you're not sure whether the email is phishing or not, forward it to [email protected] for verification (and in the meantime do not reply!)
Hackers are using fear surrounding the pandemic to their advantage in COVID-19 related phishing emails. Because most people consider information about the virus and its spread urgent and important, targets are more likely to make mistakes and click on links or attachments that afford cyber criminals access to confidential information. Read more about how to recognize and prevent COVID phishing attacks.
Currently they are no cures or approved vaccines for COVID-19, and testing is still restricted. So don't fall for fake offers. For example, there is an email that provides a "map" of the spread of the COVID-19 (Novel Coronavirus) pandemic, but instead is a fake online Coronavirus map that delivers well-known malware. (click here to see an example). Be VERY suspicious and cautious with any emails about the coronavirus. When in doubt, check it out: cdc.gov/coronavirus
Sometimes the malware is a form called ransomware in which rogue software code holds your computer hostage until a "ransom" fee is paid. This type of malware is often delivered by clicking on an attachment in an email or visiting a website - such as a fake Coronavirus map. If you're not sure whether the email or website is malicious or not, email [email protected] for verification.
The University has a site-license for Zoom and recommends its use for online instruction and meetings. Although infrequent, it is possible for uninvited guests to access your Zoom session, particularly your Personal Meeting ID Room. Consider following the security recommendations on the ITS Zoom Security guidance webpage to prevent uninvited guests from joining your class or meeting.
Your and the University's data is only as safe as the weakest device that holds it. This webpage provide guidance related to help you keep your devices and accounts secure, regardless of whether you are at home, your office, or travelling.
Learn some tips and best practices for remote access to UVA resources and working remotely during this pandemic.